version 1.39, 2006/01/30 16:17:07
|
version 1.40, 2006/11/10 18:14:58
|
|
|
// Pegasus-defined SSL certificate verification callback | // Pegasus-defined SSL certificate verification callback |
typedef Boolean (SSLCertificateVerifyFunction) (SSLCertificateInfo &certInfo); | typedef Boolean (SSLCertificateVerifyFunction) (SSLCertificateInfo &certInfo); |
| |
/** This class provides information that is used during the SSL verification callback. |
/** This class provides information that is used during the SSL verification |
We pass a pointer to this object to the SSL_set_ex_data function. We can then use SSL_get_ex_data |
callback. We pass a pointer to this object to the SSL_set_ex_data |
from within the callback and cast the void* back to this object. In this case, we store a pointer |
function. We can then use SSL_get_ex_data from within the callback and |
to the Pegasus-defined callback function set in the SSLContext. We also store a pointer to a |
cast the void* back to this object. In this case, we store a pointer to |
certificate object which we construct during the callback. Some of the certificate information is |
the Pegasus-defined callback function set in the SSLContext. We also |
inaccessible outside the callback, so we need to retrieve the data within the function. |
store a pointer to a certificate object which we construct during the |
Each SSL connection object will have the same callback function, but each connection will have its |
callback. Some of the certificate information is inaccessible outside |
own certificate. Therefore, this class is constructed on a per-connection basis in SSLSocket. |
the callback, so we need to retrieve the data within the function. Each |
|
SSL connection object will have the same callback function, but each |
|
connection will have its own certificate. Therefore, this class is |
|
constructed on a per-connection basis in SSLSocket. |
*/ | */ |
class PEGASUS_COMMON_LINKAGE SSLCallbackInfo | class PEGASUS_COMMON_LINKAGE SSLCallbackInfo |
{ | { |
|
|
@param issuerName issuer name of the certificate. | @param issuerName issuer name of the certificate. |
@param version version number value from the certificate. | @param version version number value from the certificate. |
@param serailNumber serial number value from the certificate. | @param serailNumber serial number value from the certificate. |
@param notAfter notAfter date from the validity period of the certificate. |
@param notAfter notAfter date from the validity period of the |
@param notBefore notBefore date from the validity period of the certificate. |
certificate. |
|
@param notBefore notBefore date from the validity period of the |
|
certificate. |
@param depth depth of the certificate chain. | @param depth depth of the certificate chain. |
@param errorCode error code from the default verification of the | @param errorCode error code from the default verification of the |
certificate by the OpenSSL library. | certificate by the OpenSSL library. |
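Review bot: The `@param serailNumber` tag in this comment block is still misspelt after the rewrap of the neighbouring `notAfter` and `notBefore` entries. Since those lines are being touched anyway, it could become `@param serialNumber serial number value from the certificate.` The declaration this block documents lies outside the hunk, so confirm the real parameter name first. If it is spelt `serialNumber`, documentation tooling will not attach the current tag to it.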
|
|
| |
~SSLContext(); | ~SSLContext(); |
| |
/** Gets the truststore path of the SSLContext object. This may be a CA file or a directory. |
/** Gets the truststore path of the SSLContext object. This may be a |
|
CA file or a directory. |
@return a string containing the truststore path. | @return a string containing the truststore path. |
*/ | */ |
String getTrustStore() const; | String getTrustStore() const; |
|
|
String getTrustStoreUserName() const; | String getTrustStoreUserName() const; |
#endif | #endif |
| |
/** Returns the verification callback associated with this context. This may be NULL. |
/** Returns the verification callback associated with this context. |
|
This may be NULL. |
@return the verification callback function | @return the verification callback function |
*/ | */ |
SSLCertificateVerifyFunction* getSSLCertificateVerifyFunction() const; | SSLCertificateVerifyFunction* getSSLCertificateVerifyFunction() const; |
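Review bot: The comment on `getSSLCertificateVerifyFunction()` says the result may be NULL but not what a NULL callback means for peer-certificate verification, which is what a caller most needs to know. Consider adding a sentence stating whether the outcome of the default OpenSSL verification alone then decides acceptance. That behaviour is not visible in this header, so take the wording from the implementation rather than from this note. It would also help to add `Callers must check for NULL before invoking the returned pointer.` to the comment.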
|
|
@param keyPath server key file path | @param keyPath server key file path |
@param verifyCert function pointer to a certificate verification | @param verifyCert function pointer to a certificate verification |
call back function. | call back function. |
@param trustStoreUserName In OpenPegasus 2.5 this parameter specified the user to |
@param trustStoreUserName In OpenPegasus 2.5 this parameter |
associate the truststore with; this was basically a workaround to |
specified the user to associate the truststore with; this was |
providers that required a username. With the support provided in PEP 187, |
basically a workaround to providers that required a username. With |
|
the support provided in PEP 187, |
this parameter is ignored beginning in release 2.5. | this parameter is ignored beginning in release 2.5. |
@param randomFile file path of a random file that is used as a seed | @param randomFile file path of a random file that is used as a seed |
for random number generation by OpenSSL. | for random number generation by OpenSSL. |
| |
@exception SSLException exception indicating failure to create a context. |
@exception SSLException exception indicating failure to create a |
|
context. |
*/ | */ |
SSLContext( | SSLContext( |
const String& trustStore, | const String& trustStore, |